CVE-2003-0246

Description

The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.

CVSS Metrics

• v2.0•LOW•Score: 3.6AV:L/AC:L/Au:N/C:P/I:P/A:N

EPSS Trends

Current EPSS score: 0.12%• Percentile: 31%

Affected Systems

• linux•linux_kernel

  2.4.0 | 2.4.1 | 2.4.2 | 2.4.3 | 2.4.4 | 2.4.5 | 2.4.6 | 2.4.7 | 2.4.8 | 2.4.9 | 2.4.10 | 2.4.11 | 2.4.12 | 2.4.13 | 2.4.14 | 2.4.15 | 2.4.16 | 2.4.17 | 2.4.18 | 2.4.19 | 2.4.20 | 2.5.0 | 2.5.1 | 2.5.2 | 2.5.3 | 2.5.4 | 2.5.5 | 2.5.6 | 2.5.7 | 2.5.8 | 2.5.9 | 2.5.10 | 2.5.11 | 2.5.12 | 2.5.13 | 2.5.14 | 2.5.15 | 2.5.16 | 2.5.17 | 2.5.18 | 2.5.19 | 2.5.20 | 2.5.21 | 2.5.22 | 2.5.23 | 2.5.24 | 2.5.25 | 2.5.26 | 2.5.27 | 2.5.28 | 2.5.29 | 2.5.30 | 2.5.31 | 2.5.32 | 2.5.33 | 2.5.34 | 2.5.35 | 2.5.36 | 2.5.37 | 2.5.38 | 2.5.39 | 2.5.40 | 2.5.41 | 2.5.42 | 2.5.43 | 2.5.44 | 2.5.45 | 2.5.46 | 2.5.47 | 2.5.48 | 2.5.49 | 2.5.50 | 2.5.51 | 2.5.52 | 2.5.53 | 2.5.54 | 2.5.55 | 2.5.56 | 2.5.57 | 2.5.58 | 2.5.59 | 2.5.60 | 2.5.61 | 2.5.62 | 2.5.63 | 2.5.64 | 2.5.65 | 2.5.66 | 2.5.67 | 2.5.68 | 2.5.69

References (13)

• http://www.redhat.com/support/errata/RHSA-2003-147.html
• http://www.turbolinux.com/security/TLSA-2003-41.txt
• http://www.mandriva.com/security/advisories?name=MDKSA-2003:074
• http://www.debian.org/security/2003/dsa-336
• http://www.mandriva.com/security/advisories?name=MDKSA-2003:066
• http://www.redhat.com/support/errata/RHSA-2003-172.html
• http://marc.info/?l=bugtraq&m=105301461726555&w=2
• http://www.debian.org/security/2003/dsa-311
• http://www.debian.org/security/2003/dsa-332
• http://www.debian.org/security/2003/dsa-312
• http://www.debian.org/security/2004/dsa-442
• http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0076.html
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A278